Secure Coding mailing list archives
Yoran on the state of software security
From: "Kenneth R. van Wyk" <Ken () KRvW com>
Date: Mon, 19 Apr 2004 23:35:04 +0100
FYI, in addition to the report released today by the National Cyber Security Partnership on "Cyber Security Technical Standards and Common Criteria" (see http://www.cyberpartnership.org/041904.html), there's an article in eWeek quoting Amit Yoran on his take on the state of software security (see http://www.eweek.com/article2/0,1759,1570317,00.asp). In the article, Yoran is quoted as saying, "It's inexcusable today to produce software that suffers from buffer overruns," he said to an audience of several hundred security managers and network operators. "We need to focus on software assurance in the development cycle and in real-world deployments." You think he heard what I said on TechTV last week (see http://www.techtv.com/callforhelp/shownotes/story/0,24330,3662522,00.html)? Yeah, me neither... ;-) Cheers, Ken van Wyk -- KRvW Associates, LLC http://www.KRvW.com
Current thread:
- Yoran on the state of software security Kenneth R. van Wyk (Apr 19)
- <Possible follow-ups>
- Re: Yoran on the state of software security Kenneth R. van Wyk (Apr 20)
- Missing the point? Michael A. Davis (Apr 20)
- Re: Missing the point? Dave Aronson (Apr 20)
- Re: Missing the point? Mads Rasmussen (Apr 20)
- RE: Missing the point? Alun Jones (Apr 20)
- Re: Missing the point? Jared W. Robinson (Apr 21)
- Re: Missing the point? Paco Hope (Apr 20)
- Re: Missing the point? Nash (Apr 20)
- RE: Missing the point? Michael A. Davis (Apr 21)
- Missing the point? Michael A. Davis (Apr 20)
- Re: Missing the point? Pascal Meunier (Apr 20)